SFTP:關閉 Pageant 以強制使用密碼而不是公鑰
我正在嘗試使用客戶端提供給我的使用者名和密碼 SFTP 到伺服器,但我不斷收到
Disconnected: No supported authentication methods available (server sent: publickey). 我在 Ubuntu 13.10 上,我嘗試在終端中使用 Filezillasftp -vv user@hostguilftp -u user sftp://host。這是我在 Debug:Verbose 模式下從 Filezilla 獲得的輸出:
Response: fzSftp started Trace: CSftpControlSocket::ConnectParseResponse(fzSftp started) Trace: CSftpControlSocket::SendNextCommand() Trace: CSftpControlSocket::ConnectSend() Command: open "user@host" 22 Trace: Server version: SSH-2.0-CoreFTP-0.3.1 Trace: Using SSH protocol version 2 Trace: We claim version: SSH-2.0-PuTTY_Local:_Sep_14_2013_01:12:43 Trace: Using Diffie-Hellman with standard group "group14" Trace: Doing Diffie-Hellman key exchange with hash SHA-1 Trace: Host key fingerprint is: Trace: ssh-rsa 1024 b1:ac:c5:b6:d2:b8:d3:ef:fc:d2:b3:d8:06:2c:d2:25 Trace: Initialised AES-256 SDCTR client->server encryption Trace: Initialised HMAC-SHA1 client->server MAC algorithm Trace: Initialised AES-256 SDCTR server->client encryption Trace: Initialised HMAC-SHA1 server->client MAC algorithm Trace: Pageant is running. Requesting keys. Trace: Pageant has 1 SSH-2 keys Trace: Trying Pageant key #0 Trace: Sending Pageant's response Trace: Access denied Trace: Disconnected: No supported authentication methods available (server sent: publickey) Error: Disconnected: No supported authentication methods available (server sent: publickey) Trace: CSftpControlSocket::ResetOperation(66) Trace: CControlSocket::ResetOperation(66) Error: Could not connect to server
sftp -vv輸出類似。似乎 Pageant 在密碼之前提供了我的公鑰(這是正常的),但隨後沒有繼續進行密碼身份驗證。有沒有辦法首先強制密碼驗證(即完全繞過選美)?我必須能夠通過此連接執行 bash 腳本操作,因此需要使用sftporlftp命令。有沒有我可以設置的標誌來完成這個?我查看了手冊頁,但沒有找到我要查找的內容。總是有可能在客戶端的伺服器上配置錯誤,但是由於客戶端能夠從該帳戶登錄沒問題,我懷疑問題出在我這邊。
更新
客戶端可以使用 Windows 上的 Filezilla 使用此帳戶登錄伺服器,從而排除了將其伺服器配置為僅允許公鑰身份驗證的可能性。這是一家較大的公司,其 IT 部門擁有許多此類帳戶,因此可以合理地假設他們之前已經這樣做過。這是他們在 Filezilla 中的 Debug:Verbose 的輸出:
Status: Connecting to host:22... Trace: Going to execute "C:\Program Files\FileZilla FTP Client\fzsftp.exe" Response: fzSftp started Trace: CSftpControlSocket::ConnectParseResponse(fzSftp started) Trace: CSftpControlSocket::SendNextCommand() Trace: CSftpControlSocket::ConnectSend() Command: open "user@host" 22 Trace: Looking up host "host" Trace: Connecting to xxx.xxx.xxx.xxx port 22 Trace: Server version: SSH-2.0-CoreFTP-0.3.1 Trace: Using SSH protocol version 2 Trace: We claim version: SSH-2.0-PuTTY_Local:_Jun_15_2008_14:47:43 Trace: Using Diffie-Hellman with standard group "group14" Trace: Doing Diffie-Hellman key exchange with hash SHA-1 Trace: Host key fingerprint is: Trace: ssh-rsa 1024 b1:ac:c5:b6:d2:b8:d3:ef:fc:d2:b3:d8:06:2c:d2:25 Trace: Initialised AES-256 SDCTR client->server encryption Trace: Initialised HMAC-SHA1 client->server MAC algorithm Trace: Initialised AES-256 SDCTR server->client encryption Trace: Initialised HMAC-SHA1 server->client MAC algorithm Command: Pass: ******** Trace: Sent password Trace: Access granted Trace: Opened channel for session Trace: Started a shell/command Status: Connected to host Trace: CSftpControlSocket::ConnectParseResponse() Trace: CSftpControlSocket::ResetOperation(0) Trace: CControlSocket::ResetOperation(0) Status: Retrieving directory listing... Trace: CSftpControlSocket::SendNextCommand() Trace: CSftpControlSocket::ChangeDirSend() Command: pwd Response: Current directory is: "/"
伺服器被配置為只允許公鑰認證,不允許密碼。你可以在它說的地方看到這個:
Trace: Disconnected: No supported authentication methods available (server sent: publickey) Error: Disconnected: No supported authentication methods available (server sent: publickey)
可能是一個遲到的答案,但對於像我這樣最終會在這裡結束的可憐的靈魂。
可能發生的事情是 Filezilla 使用 env 變數
SSH_AUTH_SOCK來訪問可用的 ssh 密鑰。在我的機器上,如果我
echo $SSH_AUTH_SOCK在終端中執行,我會得到類似的東西'/run/user/1000/keyring/ssh'為了防止 Filezilla 找到您的 ssh 代理中的 ssh 密鑰,您可以通過這樣做清空該環境變數
export SSH_AUTH_SOCK=""。現在,如果您在此終端中啟動 Filezilla,它將無法從您的 ssh 代理訪問 ssh 密鑰,並且它將使用配置的連接密碼。